Most Exploitable CVEs - EPSS Rankings

CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.

EPSS > 50%: 164
CISA KEV Listed: 156
CVEs with EPSS: 35,468
Avg EPSS Score: 0.7%
Rank | CVE ID | EPSS Score | Percentile | CVSS | Summary (truncated)
3601 | CVE-2023-7317 | 0.33% | 55.4th | 8.8 | Nagios XI versions before 2024R1 have a missing access control vulnerability in the Web SSH Terminal
3602 | CVE-2025-13536 | 0.33% | 55.3th | 8.8 | The Blubrry PowerPress WordPress plugin allows authenticated attackers with Contributor-level access
3603 | CVE-2025-12775 | 0.33% | 55.3th | 8.8 | The WP Dropzone WordPress plugin allows authenticated users with subscriber-level access or higher t
3604 | CVE-2025-11724 | 0.33% | 55.3th | 8.8 | The EM Beer Manager WordPress plugin allows authenticated attackers with subscriber-level access or
3605 | CVE-2024-12637 | 0.33% | 55.3th | 5.3 | The Moving Users WordPress plugin exposes sensitive user data through predictable JSON file location
3606 | CVE-2024-12713 | 0.33% | 55.2th | 5.3 | The SureForms WordPress plugin has an information exposure vulnerability that allows unauthenticated
3607 | CVE-2024-11290 | 0.33% | 55.3th | 5.3 | The Member Access WordPress plugin up to version 1.1.6 allows unauthenticated attackers to bypass co
3608 | CVE-2024-55241 | 0.33% | 55.2th | 8.8 | This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable v
3609 | CVE-2024-12184 | 0.33% | 55.3th | 5.3 | This vulnerability in the WordPress Contact Forms by Cimatti plugin allows unauthenticated attackers
3610 | CVE-2024-8953 | 0.33% | 55.2th | 9.8 | This vulnerability allows remote code execution through the mathematical_calculator endpoint in comp
3611 | CVE-2025-20142 | 0.33% | 55.2th | 8.6 | This vulnerability in Cisco IOS XR Software allows unauthenticated remote attackers to cause line ca
3612 | CVE-2025-3066 | 0.33% | 55.2th | 8.8 | A use-after-free vulnerability in Chrome's Site Isolation feature allows remote attackers to potenti
3613 | CVE-2025-5525 | 0.33% | 55.3th | 5.6 | CVE-2025-5525 is a critical command injection vulnerability in Jrohy trojan versions up to 2.15.3. A
3614 | CVE-2025-41668 | 0.33% | 55.3th | 8.8 | CVE-2025-41668 allows a low-privileged remote attacker with file access to replace critical files us
3615 | CVE-2025-41666 | 0.33% | 55.3th | 8.8 | This vulnerability allows a low-privileged remote attacker with file access to replace a critical wa
3616 | CVE-2022-50593 | 0.33% | 55.3th | 9.8 | This vulnerability allows remote attackers to bypass authentication and execute SQL injection via th
3617 | CVE-2025-66404 | 0.33% | 55.3th | 6.4 | This CVE describes a command injection vulnerability in the exec_in_pod tool of mcp-server-kubernete
3618 | CVE-2025-21357 | 0.33% | 55.2th | 6.7 | Microsoft Outlook contains a remote code execution vulnerability that allows attackers to execute ar
3619 | CVE-2025-1214 | 0.33% | 55.1th | 6.3 | CVE-2025-1214 is a critical missing authorization vulnerability in PiHome 2.0's role-based access co
3620 | CVE-2025-25182 | 0.33% | 55.1th | 9.4 | This CVE describes an authentication bypass vulnerability in Stroom data platform when configured wi
3621 | CVE-2025-3040 | 0.33% | 55.1th | 6.3 | CVE-2025-3040 is a critical unrestricted file upload vulnerability in Project Worlds Online Time Tab
3622 | CVE-2025-3807 | 0.33% | 55.1th | 6.3 | This critical vulnerability in My-BBS 1.0 allows remote attackers to upload arbitrary files without
3623 | CVE-2025-28231 | 0.33% | 55.1th | 9.1 | This vulnerability allows unauthorized attackers to execute arbitrary commands with Administrator pr
3624 | CVE-2025-3254 | 0.33% | 55.1th | 6.3 | This critical vulnerability in xujiangfei admintwo 1.0 allows remote attackers to perform server-sid
3625 | CVE-2025-30749 | 0.33% | 55.1th | 8.1 | This vulnerability in Oracle Java's 2D component allows an unauthenticated attacker with network acc
3626 | CVE-2025-13716 | 0.33% | 55.1th | 7.8 | This vulnerability allows remote attackers to execute arbitrary code as root on Tencent MimicMotion
3627 | CVE-2025-13715 | 0.33% | 55.1th | 7.8 | This vulnerability allows remote attackers to execute arbitrary code as root on systems running Tenc
3628 | CVE-2025-13714 | 0.33% | 55.1th | 7.8 | This vulnerability allows remote attackers to execute arbitrary code as root on Tencent MedicalNet i
3629 | CVE-2025-13713 | 0.33% | 55.1th | 7.8 | This vulnerability allows remote attackers to execute arbitrary code as root on systems running vuln
3630 | CVE-2025-13712 | 0.33% | 55.1th | 7.8 | This vulnerability allows remote attackers to execute arbitrary code as root on Tencent HunyuanDiT i
3631 | CVE-2025-13710 | 0.33% | 55.1th | 7.8 | This vulnerability allows remote attackers to execute arbitrary code as root on Tencent HunyuanVideo
3632 | CVE-2025-13708 | 0.33% | 55.1th | 7.8 | This vulnerability allows remote attackers to execute arbitrary code as root on systems running Tenc
3633 | CVE-2025-13707 | 0.33% | 55.1th | 7.8 | This vulnerability allows remote attackers to execute arbitrary code as root on systems running vuln
3634 | CVE-2025-13706 | 0.33% | 55.1th | 7.8 | This vulnerability allows remote attackers to execute arbitrary code as root on Tencent PatrickStar
3635 | CVE-2025-66909 | 0.33% | 55.1th | 7.5 | This vulnerability allows unauthenticated attackers to cause denial of service by uploading speciall
3636 | CVE-2024-57575 | 0.33% | 55.1th | 9.8 | This vulnerability allows remote attackers to execute arbitrary code on Tenda AC18 routers by exploi
3637 | CVE-2024-13814 | 0.33% | 55.1th | 5.4 | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to ex
3638 | CVE-2024-50704 | 0.33% | 55th | 10.0 | This is a critical unauthenticated remote code execution vulnerability in Uniguest Tripleplay softwa
3639 | CVE-2025-32929 | 0.33% | 55.1th | 7.5 | A missing authorization vulnerability in the Barcode Generator for WooCommerce WordPress plugin allo
3640 | CVE-2025-31909 | 0.33% | 55.1th | 7.5 | A missing authorization vulnerability in Apptivo Business Site CRM WordPress plugin allows attackers
3641 | CVE-2025-30880 | 0.33% | 55.1th | 7.5 | This CVE describes a missing authorization vulnerability in JoomSky JS Help Desk WordPress plugin th
3642 | CVE-2025-30797 | 0.33% | 55.1th | 7.5 | This CVE describes a Missing Authorization vulnerability in the WordPress Greek Multi Tool plugin th
3643 | CVE-2025-36527 | 0.33% | 55.1th | 8.3 | This SQL injection vulnerability in ManageEngine ADAudit Plus allows attackers to execute arbitrary
3644 | CVE-2025-14111 | 0.33% | 55.1th | 5.0 | This CVE describes a path traversal vulnerability in Rarlab RAR App for Android that allows attacker
3645 | CVE-2026-24728 | 0.33% | 55.1th | N/A | This vulnerability allows remote attackers to access administrative functionality without authentica
3646 | CVE-2025-24033 | 0.33% | 55th | 7.5 | This vulnerability in @fastify/multipart plugin causes temporary uploaded files to persist on disk w
3647 | CVE-2024-57034 | 0.33% | 55th | 9.8 | CVE-2024-57034 is a critical SQL injection vulnerability in WeGIA versions before 3.2.0 that allows
3648 | CVE-2024-57031 | 0.33% | 55th | 9.8 | WeGIA versions below 3.2.0 contain a SQL injection vulnerability in the /funcionario/remuneracao.php
3649 | CVE-2025-25521 | 0.33% | 55th | 9.8 | Seacms versions up to 13.3 contain a SQL injection vulnerability in admin_type_news.php that allows
3650 | CVE-2025-25519 | 0.33% | 55th | 9.8 | SeaCMS versions up to 13.3 contain a SQL injection vulnerability in the admin_zyk.php file that allo

What is EPSS?

The Exploit Prediction Scoring System (EPSS) is a data-driven model maintained by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Each score is a probability between 0 and 1 (shown here as a percentage) and is recomputed daily as new exploitation data arrives. The percentile column ranks a CVE against every other scored CVE; because the large majority of CVEs score very low, a modest 0.33% already sits around the 55th percentile. Unlike CVSS, which measures severity, EPSS measures likelihood of exploitation, which makes it the better first-cut signal for deciding what to patch first.

Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A critical CVSS 9.8 vulnerability with 0.1% EPSS may be less urgent than a high CVSS 7.5 with 90% EPSS. Three caveats apply in practice: EPSS is a prediction, not evidence, so a CVE already in the CISA KEV catalog has confirmed exploitation and should be patched regardless of its score; EPSS says nothing about impact, so it should be combined with CVSS and with how exposed the affected asset is; and a CVE with no EPSS score yet (typically a very new one) is unscored, not low risk.
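A worked prioritization that applies the ordering described above (KEV first, then EPSS, CVSS only as a tiebreak, unscored CVEs kept for review rather than treated as safe). This is an added example, not code from this page's own service. The CSV layout it parses (a leading "#model_version" comment line followed by cve,epss,percentile rows) is assumed to match the daily EPSS export published by FIRST; every row, CVSS value, KEV entry and the CVE-2099-* identifiers are constructed sample data, not real scores.

```python
"""Rank vulnerabilities by exploit likelihood: CISA KEV first, then EPSS,
with CVSS only as a tiebreak. Added example for this page, not code from
the page's own service. The CSV layout (a leading '#model_version' comment
line, then cve,epss,percentile rows) is assumed to match FIRST's daily
EPSS export; every row and score below is constructed sample data."""
import csv
from dataclasses import dataclass
from typing import Optional

# Constructed sample in the assumed layout of the daily EPSS CSV export.
# EPSS values are probabilities in 0..1 (0.00330 == 0.33%); so is percentile.
EPSS_CSV = """#model_version:v2025.03.14,score_date:2025-06-01T00:00:00+0000
cve,epss,percentile
CVE-2023-7317,0.00330,0.55400
CVE-2024-8953,0.00330,0.55200
CVE-2024-50704,0.00330,0.55000
CVE-2099-0001,0.90000,0.99900
CVE-2099-0002,0.00100,0.30000
"""

# Constructed inventory: CVE -> CVSS base score. The CVE-2099-* IDs are
# hypothetical placeholders for the "7.5 at 90%" and "9.8 at 0.1%" cases.
CVSS = {
    "CVE-2023-7317": 8.8,
    "CVE-2024-8953": 9.8,
    "CVE-2024-50704": 10.0,
    "CVE-2099-0001": 7.5,
    "CVE-2099-0002": 9.8,
    "CVE-2099-0003": 9.1,   # hypothetical: has no EPSS row at all
}
# Constructed KEV membership (hypothetical; consult the real catalog in practice).
KEV = {"CVE-2024-50704"}


@dataclass(frozen=True)
class Finding:
    cve: str
    cvss: float
    kev: bool
    epss: Optional[float]        # None when EPSS has no score for the CVE
    percentile: Optional[float]


def parse_epss_csv(text: str) -> dict[str, tuple[float, float]]:
    """Return {cve: (epss, percentile)}, skipping '#' metadata lines."""
    rows = [ln for ln in text.splitlines() if ln and not ln.startswith("#")]
    return {r["cve"]: (float(r["epss"]), float(r["percentile"]))
            for r in csv.DictReader(rows)}


def priority_key(f: Finding) -> tuple:
    """KEV-listed first; then EPSS descending; an unscored CVE sorts as if 0
    but is kept (not dropped) so it gets reviewed; CVSS breaks ties."""
    return (not f.kev, -(f.epss or 0.0), -f.cvss)


def prioritize(epss_csv: str, cvss: dict, kev: set) -> list[Finding]:
    """Join the inventory with EPSS scores and KEV membership, then sort."""
    scores = parse_epss_csv(epss_csv)
    findings = []
    for cve, base in cvss.items():
        epss, pct = scores.get(cve, (None, None))
        findings.append(Finding(cve, base, cve in kev, epss, pct))
    return sorted(findings, key=priority_key)


def unscored(findings: list[Finding]) -> list[str]:
    """CVEs with no EPSS score (too new, or never scored): review, don't ignore."""
    return [f.cve for f in findings if f.epss is None]


if __name__ == "__main__":
    for f in prioritize(EPSS_CSV, CVSS, KEV):
        e = "unscored" if f.epss is None else f"{f.epss:.2%} ({f.percentile:.1%} pct)"
        print(f"{'KEV ' if f.kev else '    '}{f.cve:16} CVSS {f.cvss:<4} EPSS {e}")
```

Run as a script it prints the KEV-listed CVE first, then the hypothetical 7.5/90% case ahead of the 9.8/0.1% one, and leaves the unscored CVE at the bottom of the list but still present. Swapping the constructed CSV for the real daily export and the constructed sets for your own scanner output is the only change needed to use it.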

Prioritize by Exploit Risk

Scan your servers and see which vulnerabilities have the highest EPSS scores. Focus on what attackers are actually targeting.
